The Relationship between TCP's MSS (Maximum Segment Size) and MTU

Knowledge Point Description
MSS (Maximum Segment Size) is a key parameter of the TCP protocol, referring to the maximum length of the data portion in a TCP segment, excluding the TCP header and IP header. MTU (Maximum Transmission Unit) is the maximum amount of data that a data link layer frame can carry. Understanding the relationship between MSS and MTU is crucial for optimizing network performance and avoiding IP fragmentation.

Detailed Explanation

1. Basic Concept Definitions

  • MTU (Maximum Transmission Unit): This is a data link layer concept, referring to the maximum amount of data a single frame can carry as payload. For example, the standard MTU for Ethernet is 1500 bytes. This value covers the whole IP datagram: the network layer header (e.g., IP header, typically 20 bytes) plus everything the transport layer hands down (TCP header and data).
  • MSS (Maximum Segment Size): This is a TCP layer concept, referring to the maximum length of application-layer data in a single TCP segment. It does not include the TCP header (typically 20 bytes) or the IP header.

2. Calculation Relationship between MSS and MTU
There is a direct conversion relationship between them:
MSS = MTU - IP Header Length - TCP Header Length

Taking a standard Ethernet environment as an example:

  • Data Link Layer MTU = 1500 bytes
  • IP Header Length = 20 bytes
  • TCP Header Length = 20 bytes
    Therefore, MSS = 1500 - 20 - 20 = 1460 bytes.

This means that in a TCP connection, if the MSS negotiated by both parties is 1460, the sender will send at most 1460 bytes of application-layer data per segment. Once the TCP and IP headers are added, the resulting IP datagram is 1500 bytes (1460 + 20 TCP header + 20 IP header), exactly equal to the Ethernet MTU, thereby avoiding fragmentation at the IP layer.

3. Why is MSS Needed? The Core Purpose is to Avoid IP Fragmentation
This is key to understanding the importance of MSS.

  • Drawbacks of IP Fragmentation:

    • Inefficiency: If an IP datagram exceeds the MTU of any link along the path, routers will fragment it. Fragmentation and reassembly consume CPU and memory resources on routers and servers.
    • Poor Reliability: In fragmented transmission, the loss of any single fragment makes it impossible to reassemble the original IP datagram, so all of its fragments must be retransmitted. This significantly reduces transmission efficiency.
  • MSS as the Solution:
    TCP uses MSS at the transport layer to proactively cut application data into chunks that fit within the MTU once headers are added. This way, the resulting IP datagram will not exceed the MTU from the outset, shifting the responsibility for splitting the data from network layer routers to transport layer hosts. Hosts have better knowledge of the entire communication context, making this approach more efficient and reliable.

4. MSS Negotiation Process
The MSS value is not hard-coded in configuration files but is negotiated between communicating parties during the TCP three-way handshake.

  • Detailed Process:

    1. In both the SYN segment (the first step of the handshake) and the SYN-ACK segment (the second step), TCP includes an MSS option.
    2. Each party declares in the MSS option the MSS value it is capable of receiving. This value is typically calculated based on the outgoing interface's MTU of the local machine (e.g., for an interface MTU of 1500, the declared MSS would be 1460).
    3. Upon receiving this MSS value, the other party ensures in subsequent data transmission that the data length of each segment sent does not exceed this declared MSS value.
  • Key Point: The MSS values declared by both connection parties may differ. During communication, the sender will use min(local MSS, peer's declared MSS) as the upper limit for the actual MSS used for sending. This is a simple form of negotiation ensuring packets can be received smoothly by the other side.
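
The negotiation described above, as an added example that is not part of the original article: it extracts the MSS option (kind 2, length 4) from a SYN header, rejecting malformed option lengths, and applies the min(local MSS, peer's declared MSS) rule. The sample header bytes and both function names are constructed for illustration.

```python
import struct

# Constructed SYN header (28 bytes): ports 40000 -> 443, options = NOP,
# SACK-permitted, MSS=1380, EOL. Not captured traffic.
SAMPLE_SYN = bytes.fromhex(
    "9c4001bb" "00000001" "00000000" "7002ffff" "00000000"
    "01" "0402" "02040564" "00"
)

def parse_mss_option(tcp_header: bytes):
    """Return the MSS declared in a SYN/SYN-ACK header, or None if absent."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    header_len = (tcp_header[12] >> 4) * 4        # data offset, in bytes
    if header_len < 20 or header_len > len(tcp_header):
        raise ValueError("bad data offset")
    if not tcp_header[13] & 0x02:                 # MSS option only travels with SYN set
        return None
    opts, i = tcp_header[20:header_len], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                             # End of Option List
            break
        if kind == 1:                             # NOP padding, single byte
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option without length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):  # invalid; length 0 would never advance
            raise ValueError("bad option length")
        if kind == 2:                             # MSS: kind=2, len=4, 16-bit value
            if length != 4:
                raise ValueError("MSS option must be 4 bytes long")
            return struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += length
    return None

def effective_send_mss(local_mtu, peer_mss, ip_hdr=20, tcp_hdr=20):
    """Upper limit for sent segments: min(local MSS, peer's declared MSS)."""
    local_mss = local_mtu - ip_hdr - tcp_hdr
    if peer_mss is None:
        peer_mss = 536                            # IPv4 default when no option is sent (RFC 1122)
    return min(local_mss, peer_mss)

if __name__ == "__main__":
    peer = parse_mss_option(SAMPLE_SYN)
    print(peer, effective_send_mss(1500, peer))
```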

5. Path MTU Discovery (PMTUD)
MSS negotiation is based on the host's local interface MTU. However, packets may traverse networks with smaller MTUs along the path from source to destination (e.g., certain PPPoE or tunnel networks). In such cases, even adhering to the negotiated MSS, IP datagrams might still be fragmented if they exceed the path MTU.

To address this, IP supports the Path MTU Discovery mechanism.

  • How it Works: The host sets the DF (Don't Fragment) bit of the IP datagram to 1, prohibiting routers from fragmenting it. If a router finds the datagram too large and DF=1, it discards the packet and sends an ICMP "Fragmentation Needed" error message back to the source host, containing the MTU value of the next hop.
  • Host Response: Upon receiving this ICMP message, the source host updates its path MTU value for that destination and correspondingly reduces the TCP's MSS. This way, subsequent data packets will no longer be fragmented.
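
The host response described above, as an added example that is not part of the original article: it reads the next-hop MTU from an ICMP "Fragmentation Needed" message (type 3, code 4) and derives the reduced MSS. The sanity checks before accepting the value (quoted datagram has DF set and is addressed to the tracked destination, MTU only ever decreases and stays at or above 68) are assumptions of this sketch, as are the function names and the constructed sample bytes.

```python
import ipaddress
import struct

MIN_IPV4_MTU = 68          # smallest MTU any IPv4 link must support
IP_HDR = TCP_HDR = 20      # header sizes without options, as in the article

# Constructed ICMP message (not captured traffic): type 3, code 4,
# next-hop MTU 1400, quoting a 1500-byte datagram with DF set,
# 192.0.2.1 -> 198.51.100.7, followed by the first 8 TCP bytes.
SAMPLE_ICMP = bytes.fromhex(
    "0304" "0000" "0000" "0578"
    "450005dc" "00014000" "40060000" "c0000201" "c6336407"
    "9c4001bb" "00000001"
)

def pmtu_after_icmp(icmp: bytes, current_pmtu: int, dst: str) -> int:
    """Return the path MTU to keep for `dst` after seeing this ICMP message."""
    if len(icmp) < 8 + 20:                        # ICMP header + quoted IP header
        return current_pmtu
    icmp_type, code, _cksum, _unused, next_hop_mtu = struct.unpack(
        "!BBHHH", icmp[:8])
    if (icmp_type, code) != (3, 4):               # not "Fragmentation Needed"
        return current_pmtu
    quoted = icmp[8:]                             # start of the dropped datagram
    if quoted[0] >> 4 != 4:                       # quoted header must be IPv4
        return current_pmtu
    flags_frag = struct.unpack("!H", quoted[6:8])[0]
    quoted_dst = str(ipaddress.IPv4Address(quoted[16:20]))
    if not flags_frag & 0x4000 or quoted_dst != dst:
        return current_pmtu                       # DF not set, or a different flow
    if not MIN_IPV4_MTU <= next_hop_mtu < current_pmtu:
        return current_pmtu                       # implausible value, or not a decrease
    return next_hop_mtu

def mss_for_pmtu(pmtu: int) -> int:
    """MSS = MTU - IP Header - TCP Header, applied to the path MTU."""
    return pmtu - IP_HDR - TCP_HDR

if __name__ == "__main__":
    pmtu = pmtu_after_icmp(SAMPLE_ICMP, 1500, "198.51.100.7")
    print(pmtu, mss_for_pmtu(pmtu))
```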

Summary

  • MSS is a TCP layer concept used to limit the size of application data, with the purpose of adapting to the network layer's MTU, thereby avoiding IP fragmentation.
  • The relationship is: MSS = MTU - IP Header - TCP Header.
  • The MSS value is negotiated during TCP connection establishment via the three-way handshake.
  • To handle changes in path MTU, the Path MTU Discovery mechanism can be used to dynamically adjust the effective MSS, achieving optimal end-to-end transmission performance.